package com.bwsoft.filter;

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.bwsoft.admin.domain.Account;
import com.bwsoft.domain.User;

/**
 * 
 * 创建拦截器，目前用于监控访问.action 和 .jsp 的请求用户的Session状况，后续可能回家，针对用户的action的权限
 * 
 * @author CuiBowen
 * 
 */
public class SessionUserCheckFilter implements Filter {

	// 创建不拦截的URL容器
	private List<String> passURL = null;
	
	// 创建不拦截的URL容器
	private List<String> portalPassURL = null;

	@Override
	public void init(FilterConfig arg0) throws ServletException {

		// 将不拦截的页面加入到容器中
		passURL = new ArrayList<String>();
		// passURL.add("/Login.jsp");
		passURL.add("/admin/jsp/image.jsp");
		passURL.add("/admin/system_userLogin.action");
		passURL.add("/admin/base/jsp/Error403.jsp");
		
		portalPassURL = new ArrayList<String>();
		portalPassURL.add("/index.action");
		portalPassURL.add("/qualitycontrol_index.action");
		portalPassURL.add("/qualitycontrol_getQcJson.action");
		portalPassURL.add("/qualitycontrol_contentShow.action");
		portalPassURL.add("/standard_index.action");
		portalPassURL.add("/standard_getStandardListJson.action");
		portalPassURL.add("/portal/login.jsp");
		portalPassURL.add("/toLogin.action");
		portalPassURL.add("/logout.action");
		portalPassURL.add("/login.action");
		portalPassURL.add("/index.jsp");
	}

	@Override
	public void doFilter(ServletRequest req, ServletResponse res,
			FilterChain chain) throws IOException, ServletException {

		// 得到request、session、respinse对象
		HttpServletRequest request = (HttpServletRequest) req;
		HttpSession session = request.getSession();
		HttpServletResponse response = (HttpServletResponse) res;
		// 访问的URL
		String url = request.getServletPath();
		String houZhui = url.substring(url.lastIndexOf('.'), url.length());
		if (!houZhui.isEmpty() && houZhui != null && !houZhui.equals(".jsp")
				&& !houZhui.equals(".action")) {
			chain.doFilter(request, response);
			return;
		}
		//如果是门户页面进入的执行处理方法
		if(url.indexOf("/admin")!=0&&url.indexOf("/api")!=0){
			//chain.doFilter(request, response);
			checkPortalUserLogin(request, session, response, url, chain);
			return;
		}
		// 截取URL 头部信息
		String areUrl = url.substring(1, url.indexOf('/', 1));
		// 不拦截URL的容器是否包含访问的URL，包含则通过
		if (passURL.contains(url)) {
			chain.doFilter(request, response);
			return;
		}
		if (areUrl.equals("admin")) {
			checkAdminUserLogin(request, session, response, url, chain);
		}
		if (areUrl.equals("api")) {
			chain.doFilter(request, response);
		}
	}

	private void checkPortalUserLogin(HttpServletRequest request,
			HttpSession session, HttpServletResponse response, String url,
			FilterChain chain) throws IOException, ServletException {
		if(url.indexOf("/news")==0||url.indexOf("/aboutus")==0||url.indexOf("/reg")==0||portalPassURL.contains(url)){
			chain.doFilter(request, response);
			return;
		}
		Account account = (Account)session.getAttribute("Account");
		if (account == null) {
			String urll = "http://" + request.getServerName() // 服务器地址
					+ ":" + request.getServerPort() // 端口号
					+ request.getContextPath(); // 项目名称
			response.sendRedirect(urll + "/toLogin.action");
		} else {
			chain.doFilter(request, response);
		}
	}

	private void checkAdminUserLogin(HttpServletRequest request,
			HttpSession session, HttpServletResponse response, String url,
			FilterChain chain) throws IOException, ServletException {
		// 获取Session中的UserID
		User user = (User) session.getAttribute("User");

		String urll = "http://" + request.getServerName() // 服务器地址
				+ ":" + request.getServerPort() // 端口号
				+ request.getContextPath(); // 项目名称

		// 判断UserID是否为空
		if (user == null) {
			
			if (!url.equals("/admin/index.jsp")
					&& !url.equals("/admin/login.jsp"))
				// 重定向到初始页面
				response.sendRedirect(urll + "/admin/base/jsp/Error403.jsp");
			else {
				if (url.equals("/admin/login.jsp")) {

					chain.doFilter(request, response);
				} else {
					response.sendRedirect(urll +"/admin/login.jsp");
				}
			}

		} else {
			// 不为空通过
			if (url.equals("/admin/login.jsp")
					|| url.equals("/admin/index.jsp")) {
				response.sendRedirect(urll+"/admin/system_initIndex.action");
			} else
				chain.doFilter(request, response);
			return;
		}
	}

	@Override
	public void destroy() {
		// TODO Auto-generated method stub
	}

	



}
